temporarily disabling 3.7 due to error in ci/cd #18
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: release | |
| on: | |
| push: | |
| tags: | |
| - 'v*' | |
| env: | |
| # Use docker.io for Docker Hub if empty | |
| REGISTRY: ghcr.io | |
| # github.repository as <account>/<repo> | |
| IMAGE_BASE_NAME: ${{ github.repository }} | |
| jobs: | |
| build-dev-image: | |
| name: build-dev-image | |
| runs-on: ubuntu-latest | |
| permissions: | |
| contents: read | |
| packages: write | |
| # This is used to complete the identity challenge | |
| # with sigstore/fulcio when running outside of PRs. | |
| id-token: write | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| # Install the cosign tool except on PR | |
| # https://github.com/sigstore/cosign-installer | |
| - name: Install cosign | |
| if: github.event_name != 'pull_request' | |
| uses: sigstore/cosign-installer@main | |
| # Workaround: https://github.com/docker/build-push-action/issues/461 | |
| - name: Setup Docker buildx | |
| uses: docker/setup-buildx-action@v2 | |
| # Login against a Docker registry except on PR | |
| # https://github.com/docker/login-action | |
| - name: Log into registry ${{ env.REGISTRY }} | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| # Extract metadata (tags, labels) for Docker | |
| # https://github.com/docker/metadata-action | |
| - name: Extract Docker metadata | |
| id: meta | |
| uses: docker/metadata-action@v4 | |
| with: | |
| images: ${{ env.REGISTRY }}/${{ env.IMAGE_BASE_NAME }}-dev | |
| tags: | | |
| type=semver,pattern={{version}} | |
| # Build and push Docker image with Buildx (don't push on PR) | |
| # https://github.com/docker/build-push-action | |
| - name: Build and push Docker image | |
| id: build-and-push | |
| uses: docker/build-push-action@v4 | |
| with: | |
| context: .devcontainer/ | |
| push: ${{ github.event_name != 'pull_request' }} | |
| tags: ${{ steps.meta.outputs.tags }} | |
| labels: ${{ steps.meta.outputs.labels }} | |
| cache-from: type=gha | |
| cache-to: type=gha,mode=max | |
| # Sign the resulting Docker image digest. | |
| - name: Sign the images with GitHub OIDC Token **not production ready** | |
| run: cosign sign --yes ${TAGS} | |
| env: | |
| TAGS: ${{ steps.meta.outputs.tags }} | |
| build-devcontainer: | |
| runs-on: ubuntu-latest | |
| needs: build-dev-image | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - name: Checkout (GitHub) | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| # Login against a Docker registry except on PR | |
| # https://github.com/docker/login-action | |
| - name: Log into registry ${{ env.REGISTRY }} | |
| if: github.event_name != 'pull_request' | |
| uses: docker/login-action@v2 | |
| with: | |
| registry: ${{ env.REGISTRY }} | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Build and run Dev Container task | |
| uses: devcontainers/ci@v0.3 | |
| with: | |
| # Change this to point to your image name | |
| imageName: ${{ env.REGISTRY }}/${{ env.IMAGE_BASE_NAME }}-devcontainer | |
| build-documentation: | |
| name: Build documentation | |
| runs-on: ubuntu-latest | |
| needs: build-dev-image | |
| container: | |
| credentials: | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| image: ghcr.io/${{ github.repository }}-dev:latest | |
| volumes: | |
| - ${{ github.workspace }}:/workspace | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v3 | |
| with: | |
| fetch-depth: 0 | |
| - name: Generage Test Summary Report | |
| run: | | |
| tox -e test_report | |
| genbadge tests -i docs/build/html/reports/junit/junit.xml -o docs/build/html/reports/junit/tests-badge.svg | |
| - name: Generage Test Coverage Report | |
| run: | | |
| tox -e coverage_report | |
| genbadge coverage -i docs/build/html/reports/coverage/coverage.xml -o docs/build/html/reports/coverage/coverage-badge.svg | |
| rm docs/build/html/reports/coverage/.gitignore | |
| - name: Build Documentation | |
| run: | | |
| tox -e docs_html | |
| - uses: actions/upload-artifact@v3 | |
| with: | |
| name: documentation-artifact | |
| path: docs/build | |
| if-no-files-found: error | |
| publish: | |
| name: Publish release and documentation | |
| runs-on: ubuntu-latest | |
| needs: build-documentation | |
| permissions: write-all | |
| steps: | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| # unpacks into documentation-artifact/ | |
| # if `name: documentation-artifact` is omitted, the action will create extra parent dir | |
| name: documentation-artifact | |
| path: docs/build | |
| - name: Deploy to GitHub Pages | |
| uses: peaceiris/actions-gh-pages@v3 | |
| with: | |
| github_token: ${{ secrets.GITHUB_TOKEN }} | |
| publish_dir: docs/build/html | |
| keep_files: true | |
| - uses: "marvinpinto/action-automatic-releases@latest" | |
| with: | |
| repo_token: "${{ secrets.GITHUB_TOKEN }}" | |
| prerelease: false | |
| build_package: | |
| name: Build package | |
| uses: ./.github/workflows/build_package.yml | |
| secrets: inherit | |
| upload_pypi: | |
| name: Upload to PyPI | |
| needs: [build_package, publish] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/download-artifact@v3 | |
| with: | |
| # unpacks default artifact into dist/ | |
| # if `name: artifact` is omitted, the action will create extra parent dir | |
| name: artifact | |
| path: dist | |
| - uses: pypa/gh-action-pypi-publish@v1.5.0 | |
| with: | |
| password: ${{ secrets.PYPI_API_TOKEN }} |